diff --git a/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java b/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
index a3013bf2..1e472c4e 100644
--- a/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
+++ b/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
@@ -14,6 +14,7 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.SneakyThrows;
+import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.entity.ContentType;
 import org.slf4j.MDC;
@@ -132,7 +133,8 @@ public class AuthFilter extends OncePerRequestFilter {
 .filter(x -> StringUtils.equals(x.getId(), resource.get().getId())).findAny();
- if (userResource.isEmpty() && !user.getSysAdmin()) {
+ if (userResource.isEmpty() && BooleanUtils.isFalse(user.getSysAdmin())) {
+ writeResponse(new BizException("invalidAccess", "当前资源未授权,请联系机构管理员处理。"), response);
 } else {
diff --git a/src/main/java/cn/lihongjie/coal/spring/config/SecurityConfig.java b/src/main/java/cn/lihongjie/coal/spring/config/SecurityConfig.java
index fe98571a..d32a4fec 100644
--- a/src/main/java/cn/lihongjie/coal/spring/config/SecurityConfig.java
+++ b/src/main/java/cn/lihongjie/coal/spring/config/SecurityConfig.java
@@ -27,6 +27,8 @@ public class SecurityConfig {
 })
 .csrf(AbstractHttpConfigurer::disable)
+ .logout(AbstractHttpConfigurer::disable)
+ .formLogin(AbstractHttpConfigurer::disable)
 .build();
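Review bot: In AuthFilter.java (hunk at -132), `BooleanUtils.isFalse(user.getSysAdmin())` returns false when `getSysAdmin()` is null, so a user whose sysAdmin flag is unset and who has no matching resource now skips the `invalidAccess` response and lands in the `else` branch. The old `!user.getSysAdmin()` would have thrown on a null flag rather than passing the check. The `else` body lies outside the hunk, but if it lets the request continue, the authorization check now fails open for such accounts. Deny unless the flag is explicitly true: `if (userResource.isEmpty() && !BooleanUtils.isTrue(user.getSysAdmin())) {`.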
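Review bot: In SecurityConfig.java, the added `.logout(AbstractHttpConfigurer::disable)` and `.formLogin(AbstractHttpConfigurer::disable)` have no comment saying what replaces the defaults. With the built-in logout handling off, this chain no longer clears the security context or invalidates a session, so token or session revocation has to happen in application code that is not visible here. Judging by the AuthFilter change in the same commit, authentication is done by that custom filter; I would say so above these lines, e.g. `// Login/logout are handled by the application (see AuthFilter), so the Spring Security defaults are disabled.`. The builder chain starts and ends outside the hunk.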